- From: Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>
- Date: Sat, 30 Dec 2006 19:38:11 -0500
- To: ses@ll.mit.edu
- Cc: public-wsc-wg@w3.org
- Message-ID: <OF0BA4F99A.BEF15FB8-ON85257255.000317BA-85257255.00038188@LocalDomain>
What a thread. I took a glance, but if I'm saying redundant things that
have been dealt with, don't waste bandwidth saying redundant things to me.
> I can imagine four reasons why a site might rely on self-signed certs
>
> (1) The service is being tested and is not yet ready for deployment
> (2) The administrator hasn't got the $20 to get a low-end CA cert.
> (3) The administrator is only concerned about eavesdropping and
> so believes a self-signed certificate is adequate.
> (In reality, if an attacker can eavesdrop (s)he can probably
> forge packets as well.)
> (4) The administrator doesn't have the time/skills to install a
> CA cert and figures that users will click through to the page
> even if the cert is self signed.
You seem to be totally ignoring enterprise scenarios. I don't see why
enterprises shouldn't use self signed certs for intra-enterprise
applications. I see it as a hole in the trust management infrastructure
that there are no tools for enterprises to administer certs to desktops,
the same way they manage code updates to desktops.
So, before reading the entire thread, I resist the notion that only
pre-shipped CA certs are "good". It may be however that we can only make
them usable by my mom. Who does not work for an enterprise.
Welcome to the WG.
Mez
Received on Sunday, 31 December 2006 00:38:25 UTC